2. Using Just1Key Mobile
2.1 How to use Just1Key Mobile
2.2 What platforms will Just1Key Mobile work with?
2.3 I always use J1K Ultra-Secure -- why should I use J1K Mobile?

3. Premium Accounts
3.1 What happens if I forget my Just1Key Passphrase?
3.2 How strong should my passwords be?
3.3 Do you have a Referral or Affiliate Program?
3.4 Do you have a Privacy Policy?

4. Security and Reliability
4.1 How reliable are Crimsonata's servers?
4.2 What is the version 1.4 Server System?
4.3 How secure is my Premium Just1Key data on these servers?
4.4 What is the security difference between J1K Ultra-Secure and J1K Mobile?
4.5 Other Security concerns

1.1 What Platforms will Just1Key Ultra-Secure work with?
   All Just1Key versions should work on the Windows family of operating systems released since 1998 (including Win98, 2000, and XP) that have Java-enabled web browsers. Just1Key Ultra-Secure also works on other 100% Java Applet compatible (1.1.8 and up) systems, including Linux and many of the latest Mac OS X configurations. The latest feedback we have from Mac users is mostly positive with OS X 10.3 and 10.4 using Firefox, I.E., and Camino browsers (all with the latest Java plug-in installed) -- we're still working on making it better, and until then J1K Mobile will definitely work. Feel free to email us at comments@Just1Key.com to share your compatibility experiences!

1.2 Where can I get Java, and the latest web browsers?
   Most web-browsers have Java built in (also known as a Java Virtual Machine^TM) -- however, some don't, such as older versions of Internet Explorer. To get Java for your browser, simply go to www.java.com and download it for free - it's a seamless and easy install. And if you'd like the latest free versions of the most popular web-browsers, just click on its name here: FireFox or Internet Explorer.

1.3 My web browser is asking about a "security warning" for trusting content from "Hush Communications"
   Because our J1K Ultra-Secure runs a digitally signed Java Applet within your web browser, you will need to accept the signing certificate in order to use it. Over a million users have accepted this signing certificate through HushMail.com since 1999. Additionally, you should realize that accepting this certificate simply gives our Java Applet the same permissions as any other executable software program installed on your system, and enables Just1Key's "Copy to Clipboard" buttons to put your data into the system clipboard with a single click. If for any reason you don't want to accept this digital certificate, you can always use Just1Key Mobile instead.

1.4 What happened to the Installable Windows Client version of Just1Key?
   In early 2005 we discontinued it, mostly because we didn't have enough time to effectively support and maintain it for the vast majority of free users who used it. We may re-introduce a new version in the future, but for now we simply offer the web-based Just1Key system. If you are a Premium Just1Key member, and still use the Installable Client, we'll let you know before we release our full version 1.4 server system, as your Premium account will not be compatible with the Installable Client program at that time.

1.5 Using the 'Open to Web' Button:
   When you click this button within Just1Key Ultra-Secure, the described website address (or URL as it's called) conveniently opens up in a new browser window. Since the new window may open on top of your Just1Key app, it may be faster to first Copy the data you'll need (like the password) into the clipboard with Just1Key, and then click the 'Open to Web' button. And a very useful thing to know: Some websites allow the entry of your account username via the URL -- so if you copy and paste one of these long website address URL's into your "Website" text field, all you'll need to do is copy your password into the clipboard via Just1Key and hit the "Open to Browser" button - very convenient indeed!

2.1 How to use Just1Key Mobile
   Most of the information about Just1Key Mobile, such as how it works and the differences between it and Just1Key Ultra-Secure, are contained in the online ReadMe Instructions, located here.

2.2 What devices will Just1Key Mobile work with?
   Since it works almost everywhere, a complete list would be almost impossible. However, we are attempting to compile the best list we can, based on feedback from our users. Until it's available, the simplest way to tell (besides trying the free J1K Mobile 'demo' yourself!) is to see if your web-browser software has SSL (Secure Sockets Layer) capability -- if so, you should be fine. You are not required to use Java, JavaScript, graphics, or even cookies, although if you do have them it may save you an extra button click now and again. FYI, the majority of our mobile-device testing was with Palm OS compatible PDA's and phones running the Blazer browser, version 2.1.4s2 Build 10.

2.3 I always use J1K Ultra-Secure -- why should I use J1K Mobile?
   If you always use standard computer operating systems to access the Internet (Windows, Mac, Linux, etc.), and don't own or use an SSL-enabled mobile phone or PDA, then you probably have no reason to use J1K Mobile often, as it has less features available than J1K Ultra-Secure. However, J1K Mobile users have an advantage: with "Stage One" of our rollout of the '1.4 server system' in place, anytime you access your Just1Key account with J1K Mobile, a copy of that encrypted data is saved on the J1K Mobile server. This means if there is ever any problem with accessing J1K Ultra-Secure online (even with 99.9+% uptime, there still may be 0.1% downtime), you can still retrieve that older copy of your data instantaneously via the geographically separate J1K Mobile system. Please see section 4 of our FAQ for more details.

3.1 What happens if I forget my Just1Key Passphrase?
   We call it "Just One Key" because you only have to remember ONE password / passphrase key to access all your information on the net. But if you forget it, all we can do is reset your account, and you will lose all your previously stored Just1Key information. No one at our company, or anyone else for that matter, has access to your data without your passphrase. Which is why we strongly recommend you *write it down*, on paper, until you are certain it's well memorized (see the next question for more details). It's very easy for anybody to forget something they've only typed once or twice. We recommend paper because there are so many possible security problems with using a standard editor on your machine (temporary files, backup files, and files not actualy erasing/wiping, etc.).

3.2 How strong should my passwords be?
   When you're using Just1Key, you'll only need to remember one password (for the rest of your life!), so you should make it a good one. We call this your Master Just1Key Passphrase. It is recommended that you string together three or four completely unrelated words, with a few numbers or symbols thrown in. This will help stop not only someone from randomly guessing it, but also a computer trying lots of possibilities, too. And, since your other passwords are now taken care of, you can use stronger (longer) passwords for your other accounts without having the inconvenience of needing to continuously type them or remember them. Most importantly, when you create or change your Just1Key Passphrase, WRITE IT DOWN, test that it's correctly written, and keep in a safe place until you are sure you have it memorized ; then destroy the paper you wrote it on (shred it, etc.) -- Remember, if you lose your passphrase, NOBODY, including us, can get access to your Just1Key data! Even the most advanced computer user occasionally forgets something they have only used once or twice...

3.3 Do you have a Referral or Affiliate Program?
   We're currently working on implementing these programs, and updating their corresponding database management system. Our Referral program will give a few months of Premium service for those who refer a Premium user to Just1Key, and our Affiliate program gives a cash bonus for websites that send us new users. By creating a fully-automated system, it will make things easier for all those who want to participate. If you're not a Premium user already, send us a blank email at sub-J1K@crimsonata.com and we'll keep you updated via our mailing list when these programs are ready.

3.4 Do you have a Privacy Policy?
   Yes -- it is on the Crimsonata Corporate site, available here.

4.1 How reliable are Crimsonata's servers?
   Compared to other websites, very reliable. Since launching the web-based Just1Key system in the summer of 2003, our site has seen over 99.9% uptime. However, since we know it's very important that our members can access Just1Key data at all times, we are taking an extra step that is mostly unheard of in the web-based data-storing industry: We are designing a real-time, dual server system with geographical redundancy, enabling essentially 100% uptime (with 15-second or less switch-over times). We call this our 'Version 1.4 Server System' -- see the next question for more.

4.2 What is the version 1.4 Server System?
   We are currently implementing a new system on our servers that enables users of Just1Key to have perhaps the most reliable access of any web-based Internet application commercially available -- a real-time, dual redundancy system with geographic displacement. Our rollout of this system includes three stages: Stage One is now complete (July 2005) with the offering of Just1Key Mobile. With Stage One, even if our Canadian servers (which serve J1K Ultra-Secure) went offline, users can still access their "Read Only" Just1Key information from our U.S. servers with J1K Mobile. Once stages Two and Three are complete, any Just1Key user will have full real-time read-and-write access, from either J1K Mobile or J1K Ultra-Secure, from either the U.S. or the Canadian server system. When using a mobile solution for your Internet Password Management, we just don't think that perhaps 20 minutes of downtime per month is acceptable -- we're going for 15 seconds a month or less -- and hopefully we'll be able to entice other companies to offer such reliability in their web-based services by licensing our system.

4.3 How secure is my Premium Just1Key data on these servers?
   Extremely secure! Using the patented Hush Encryption Engine(tm) method of data storage and key management, all Just1Key data is encrypted with a Just1Key passphrase. Without it, absolutely no one can access it. Only you should know your passphrase. No one at our company will know it, and even if data from our servers was stolen or required disclosure because of a court ordered subpoena, all Just1Key data obtained would not be in any human readable format, as long as no one else knows your Master Just1Key Passphrase. So make sure your Passphrase is not easy to guess or generate (see section 3, above). Also, we store your Just1Key data and serve the J1K Ultra-Secure Java Applet from the same servers as Hush Communications (with their HushMail.com secure email system). Ever since Hush's inception (in 1998), with over a million individual user encryption keys generated and stored since, not one security breach of this data has ever been detected.

4.4 What is the security difference between J1K Ultra-Secure and J1K Mobile?
   The Ultra-Secure version is slightly more secure, although both are extremely secure. In fact, as long as our top-notch server administrators do their job correctly, the security level is essentially the same. The technical difference between the two versions is this: With Ultra-Secure, a Java Applet is run on your client computer, and your personal Just1Key passphrase is never transmitted off that machine -- all decryption happens locally. With J1K Mobile, since most mobile phones and PDA's do not have Java Applet capability, your passphrase is transmitted via SSL (128-bit Secure Sockets Layer) to the same Java Applet running on our servers, with data sent back and forth via SSL to your web-browser, securing the transmission. Both Java Applet's never store sensitive information on disk. They both use the Hush Encryption Engine(TM), and only exist in RAM memory for as long as you use it (with a 10 minute default timeout for J1K Mobile). With this structure, we believe we are offering the most secure and convenient system commercially available for keeping your private data private, from anyone but you -- including everyone at our company. To further ensure your data security, we have dual checks and balances within our own staff and software development cycle, to constrain any malicious code from ever being potentially run within our system.

4.5 Other Security concerns
   Just1Key ensures the highest level of data security for our users, within a networked computer environment. However, it is important to realize that absolutely no single software application on its own can completely safeguard your online experience, the same way that the most expensive door lock can't completely stop a home from being burgled. Just1Key is an integral part of the "online-security approach" so to speak, utilizing robust data encryption methods and allowing users to conveniently manage longer, more secure passwords (rather than the simple ones many people use and re-use because remembering them is so cumbersome). You should probably also be using a Firewall and anti-virus software (at the minimum) to help guard against intrusions to your data and communications. And do not use any computer that you have reason to not trust. Knowledge is probably the most powerful ally when it comes to computer security, so please take the time for some online reading and research when you can. Perhaps a decent starting point would be our partner's website at HushMail.com , which has links to online articles and other organizations concerned with computer security.